diff options
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/adminpack/adminpack.c | 7 | ||||
| -rw-r--r-- | contrib/file_fdw/file_fdw.c | 4 | ||||
| -rw-r--r-- | contrib/pg_stat_statements/pg_stat_statements.c | 2 | ||||
| -rw-r--r-- | contrib/pgrowlocks/pgrowlocks.c | 2 |
4 files changed, 9 insertions, 6 deletions
diff --git a/contrib/adminpack/adminpack.c b/contrib/adminpack/adminpack.c index c3c5e03945d..48c17469104 100644 --- a/contrib/adminpack/adminpack.c +++ b/contrib/adminpack/adminpack.c @@ -79,10 +79,13 @@ convert_and_check_filename(text *arg) * files on the server as the PG user, so no need to do any further checks * here. */ - if (is_member_of_role(GetUserId(), DEFAULT_ROLE_WRITE_SERVER_FILES)) + if (is_member_of_role(GetUserId(), ROLE_PG_WRITE_SERVER_FILES)) return filename; - /* User isn't a member of the default role, so check if it's allowable */ + /* + * User isn't a member of the pg_write_server_files role, so check if it's + * allowable + */ if (is_absolute_path(filename)) { /* Disallow '/a/b/data/..' */ diff --git a/contrib/file_fdw/file_fdw.c b/contrib/file_fdw/file_fdw.c index 2059c07349b..2c2f149fb01 100644 --- a/contrib/file_fdw/file_fdw.c +++ b/contrib/file_fdw/file_fdw.c @@ -269,13 +269,13 @@ file_fdw_validator(PG_FUNCTION_ARGS) * otherwise there'd still be a security hole. */ if (strcmp(def->defname, "filename") == 0 && - !is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_SERVER_FILES)) + !is_member_of_role(GetUserId(), ROLE_PG_READ_SERVER_FILES)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("only superuser or a member of the pg_read_server_files role may specify the filename option of a file_fdw foreign table"))); if (strcmp(def->defname, "program") == 0 && - !is_member_of_role(GetUserId(), DEFAULT_ROLE_EXECUTE_SERVER_PROGRAM)) + !is_member_of_role(GetUserId(), ROLE_PG_EXECUTE_SERVER_PROGRAM)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("only superuser or a member of the pg_execute_server_program role may specify the program option of a file_fdw foreign table"))); diff --git a/contrib/pg_stat_statements/pg_stat_statements.c b/contrib/pg_stat_statements/pg_stat_statements.c index 62cccbfa44d..6feea2ab4f4 100644 --- a/contrib/pg_stat_statements/pg_stat_statements.c +++ b/contrib/pg_stat_statements/pg_stat_statements.c @@ -1587,7 +1587,7 @@ pg_stat_statements_internal(FunctionCallInfo fcinfo, pgssEntry *entry; /* Superusers or members of pg_read_all_stats members are allowed */ - is_allowed_role = is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS); + is_allowed_role = is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS); /* hash table must exist already */ if (!pgss || !pgss_hash) diff --git a/contrib/pgrowlocks/pgrowlocks.c b/contrib/pgrowlocks/pgrowlocks.c index 714398831bc..669a7d7730b 100644 --- a/contrib/pgrowlocks/pgrowlocks.c +++ b/contrib/pgrowlocks/pgrowlocks.c @@ -130,7 +130,7 @@ pgrowlocks(PG_FUNCTION_ARGS) aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), ACL_SELECT); if (aclresult != ACLCHECK_OK) - aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV; + aclresult = is_member_of_role(GetUserId(), ROLE_PG_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV; if (aclresult != ACLCHECK_OK) aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), |